Amazon Leaves Users High and Dry Despite Promising Fire OS Encryption

5 March 2016 – Amazon has retracted their move to disable encryption on Fire OS and HDX devices. They have no plans to quickly fix this issue, though, saying that the update reenabling this security feature will come sometime in Spring. This leaves Amazon device users without an option for device encryption for at least a few months, putting their privacy and data at risk. Given Amazon’s heavy integration of monetized services and cloud applications, this security fix seems like it should be a higher priority for the internet retail giant.

Kindle Users Still Can’t Secure Their Data On Fire OS

Late yesterday amazon stated:

“We will return the option for full disk encryption with a Fire OS update coming this spring.”

This retraction comes in the wake of the highly publicized fight between Apple and the FBI over a similar feature on their devices. The removal of local encryption on their devices happened without an announcement from Amazon, and was seen by the community as a cynical bet against the outcome of the Apple case. This significant backlash caused the backpedaling from Amazon, but the retraction is essentially lip service until the update gets pushed to Fire OS and HDX devices.

Patch notes indicating removal of encryption

Given that Google now requires Encryption from OEMs retailing devices with Android 6.0 “Marshmallow” anyway, it’s puzzling to see this move from Amazon in the first place, as their Operating system is a spinoff of Android. Providing that they plan on future-proofing their platform, removing encryption makes little sense from a development perspective.

While Amazon is holding itself somewhat accountable for its actions by re-implementing encryption on Fire OS devices, their motives should still be questioned in doing this in the first place: the feature wasn’t broken, and they’ll be required to include it in the future. Worse is the fact that they aren’t pushing out the feature (that was there originally, mind you) promptly. Amazon is a Huge company, and rolling back a single change from their most recent update should not be a monumental task. Smaller, worse funded projects do the same thing all the time. What’s more, leaving more than 3 million new Kindle users without this basic Android security feature is completely unacceptable.

Should Amazon act more quickly on this issue? Be sure to let us know your thoughts in the comments!